Date: Tue, 27 Aug 2002 20:21:54 +0100
From: Mark Murray <mark@grondar.za>
To: David Olbersen <dave@slickness.org>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Ports are insecure?
Message-ID: <200208271921.g7RJLsl5022865@grimreaper.grondar.org>
In-Reply-To: <20020827165347.GA12522@slickness.org>; from David Olbersen <dave@slickness.org> "Tue, 27 Aug 2002 09:53:47 PDT."
References: <20020827165347.GA12522@slickness.org>

> How exactly does that work? Is this based in the idea that nearly
> anybody can contribute a port, but the core system is reviewed by a
> team?

I'm not sure where you read this, but as a general security principle, this is true. The more you run, the more there is to go wrong and the more there is to exploit.

In practical terms, regular audits of your machine (look at the output of "netstat -an", "sockstat" and so on) and try to understand your own environment. Understand that the prime question is not "Am I being paranoid?", But "Am I being paranoid _Enough_?"

> And, if I'm to believe this and limit my use of ports, doesn't that mean
> I'll be doing a lot of build-worlding to update specific applications?

There is no silver bullet, there is no algorithm. Swallow a paranoia-pill and start hunting. What you do on your own nets is your business - take charge.

M

(Any volunteers to maintain a FAQ? This is a doozy.)

--
o Mark Murray \_ O.\_ Warning: this .sig is umop ap!sdn

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
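
The audit habit recommended in the reply above, as an added example that is not part of the original message: a small sh script that reduces `sockstat -46l` output to its listening sockets and reports any that are missing from a baseline file you maintain. The column layout, the one-entry-per-line baseline format ("proto local-address command") and the sample data are assumptions constructed for illustration.

```sh
#!/bin/sh
# Assumed sockstat column layout:
#   USER COMMAND PID FD PROTO LOCAL-ADDRESS FOREIGN-ADDRESS

# Reduce `sockstat -46l` output on stdin to sorted, unique
# "proto local-address command" lines, skipping the header row.
listeners() {
    awk 'NR > 1 && NF >= 6 { print $5, $6, $2 }' | sort -u
}

# Print every listener on stdin that is not listed in the baseline file ($1).
# A missing or empty baseline means everything is reported.
unexpected_listeners() {
    listeners | awk -v base="$1" '
        BEGIN { while ((getline line < base) > 0) known[line] = 1 }
        !($0 in known)'
}

# Constructed sample output, so the parsing can be tried on any system.
sample_sockstat() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       612   3  tcp4   *:22                  *:*
root     sendmail   640   4  tcp4   127.0.0.1:25          *:*
root     syslogd    501   6  udp4   *:514                 *:*
nobody   ircd       9931  5  tcp4   *:6667                *:*
EOF
}

# Live use: pass the path of your baseline file as the first argument.
# Does nothing when no baseline is given or sockstat is not installed.
if [ -n "${1:-}" ] && command -v sockstat >/dev/null 2>&1; then
    sockstat -46l | unexpected_listeners "$1"
fi
```

Run from cron, any output is a listener you have not yet accounted for: either investigate it or add it to the baseline deliberately.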